The GIA evaluates the following:

(a) Adequacy, integrity, effectiveness of the Company and the Group’s internal controls in safeguarding

shareholders’ investment and the Group’s assets. The internal controls cover financial, operational,

information technology, compliance controls and enterprise risk management.

(b) Extent of compliance with established policies, procedures and statutory requirements.

(c) Adequacy of policies, procedures and guidelines on the Company and Group’s accounting, financial and

operational activities.

For the year under review, the GIA had undertaken the following work:

(a) Prepared the annual audit plan for approval by the Audit Committee.

(b) Performed risk-based audits based on the approved annual audit plan, including follow-up of matters from

previous internal audit reports.

(c) Issued internal audit reports to the Management on risk management and internal control issues identified

from the risk-based audits together with recommendations for improvements for these processes.

(d) Reported on a quarterly basis to the Audit Committee on significant risk management and internal control

issues from the internal audit reports issued and the results of follow-up of matters reported.

(e) Reported on a quarterly basis to the Audit Committee the achievement of the audit plan and status of GIA

function.

(f) Conducted regular follow-up and monitoring on the implementation of recommendations made by the

Group internal audit function to ensure that appropriate corrective actions are taken on a timely basis or

within agreed timelines.

(g) Reviewed the procedures relating to related party transactions entered into by the Group to ensure that

the related party transactions have been conducted on the group’s normal commercial terms and are not

to the detriment of the Group’s minority shareholders.

(h) Revised the Internal Audit Standard Operating Procedures.

(i) Reviewed compliance on MS2530-3:2013 Malaysian Sustainability Palm Oil Certification Standard of Part

3: General Principles for Oil Palm Plantations and Organised Smallholders requirements for all estates

operated by the Group.

(j) Preparation of Audit Committee Report and Statement on Risk Management and Internal Control for the

Company’s 2019 Annual Report.

During the financial year, seven (7) internal audit reports were issued on various operating units of the Group

covering reviews on control environment, risk management, revenue assurance, procurement, finance, human

resource, occupational safety and health and regulatory compliances and operations.

The total costs incurred for maintaining the GIA function for FYE2019 is RM185,000 (FYE2018: RM170,000),

comprising personnel costs, establishment expenses, admin and general expenses.

5.

ENTERPRISE RISK MANAGEMENT (“ERM”)

Risk management is regarded by the Board as an important aspect of the Group’s diverse and growing

operations with the objective of maintaining a sound internal control system. To this end, the Group has

established the appropriate risk management infrastructure to ensure that the Group’s assets are well-protected

and shareholders’ value enhanced.

The Audit Committee and the Board is supported by RMC. The RMC identifies and communicates to the

Audit Committee and the Board the present and potential critical risks the Group faces, their changes and the

Management action plans to manage these risks. The RMC convenes meeting on a yearly basis to review the

key risk profiles and submit a summary reporting to the Audit Committee.

corporate

governance

77